CVE-2013-4061
First published: Mon Sep 09 2013(Updated: )
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational Policy Tester | =8.5.0.0 | |
| IBM Rational Policy Tester | =8.5.0.1 | |
| IBM Rational Policy Tester | =8.5.0.2 | |
| IBM Rational Policy Tester | =8.5.0.3 | |
| IBM Rational Policy Tester | =8.5.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- vendor/ibm
- canonical/ibm rational policy tester
- version/ibm rational policy tester/8.5.0.0
- version/ibm rational policy tester/8.5.0.1
- version/ibm rational policy tester/8.5.0.2
- version/ibm rational policy tester/8.5.0.3
- version/ibm rational policy tester/8.5.0.4